fix deploy

Author: devksingh4

.github/workflows/deploy-qa.yml

@@ -130,11 +130,11 @@ jobs:
       - uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: arn:aws:iam::427040638965:role/GitHubActionsRole
-          role-session-name: Core_Dev_Deployment_${{ github.run_id }}
+          role-session-name: Core_QA_Deployment_${{ github.run_id }}
           aws-region: us-east-1
 
       - name: Publish to AWS
-        run: make deploy_dev
+        run: make deploy_qa
         env:
           HUSKY: "0"
           VITE_RUN_ENVIRONMENT: dev

.github/workflows/test.yml

@@ -14,7 +14,7 @@ jobs:
         uses: aws-actions/configure-aws-credentials@v4
         with:
           role-to-assume: arn:aws:iam::427040638965:role/GitHubActionsRole
-          role-session-name: Core_Dev_Deployment
+          role-session-name: Core_QA_Deployment
           aws-region: us-east-1
 
       - name: Get AWS Caller Identity

Makefile

@@ -10,16 +10,6 @@ GIT_HASH := $(shell git rev-parse --short HEAD)
 
 .PHONY: clean
 
-check_account_prod:
-ifneq ($(current_aws_account),$(prod_aws_account))
-	$(error Error: running in account $(current_aws_account), expected account ID $(prod_aws_account))
-endif
-
-check_account_dev:
-ifneq ($(current_aws_account),$(dev_aws_account))
-	$(error Error: running in account $(current_aws_account), expected account ID $(dev_aws_account))
-endif
-
 
 clean:
 	rm -rf .aws-sam
@@ -55,19 +45,19 @@ build: src/
 local:
 	VITE_BUILD_HASH=$(GIT_HASH) yarn run dev
 
-deploy_prod: check_account_prod
+deploy_prod:
 	@echo "Deploying Terraform..."
 	terraform -chdir=terraform/envs/prod init -lockfile=readonly
-	terraform -chdir=terraform/envs/qa plan -out=tfplan
+	terraform -chdir=terraform/envs/prod plan -out=tfplan
 	terraform -chdir=terraform/envs/prod apply -auto-approve tfplan
-	rm tfplan
+	rm terraform/envs/prod/tfplan
 
-deploy_dev: check_account_dev
+deploy_qa:
 	@echo "Deploying Terraform..."
 	terraform -chdir=terraform/envs/qa init -lockfile=readonly
 	terraform -chdir=terraform/envs/qa plan -out=tfplan
 	terraform -chdir=terraform/envs/qa apply -auto-approve tfplan
-	rm tfplan
+	rm terraform/envs/qa/tfplan
 
 init_terraform:
 	terraform -chdir=terraform/envs/qa init

src/api/README.md

@@ -5,7 +5,6 @@
 2. Enable Tailscale VPN so you can reach the development database in AWS
 3. Log into AWS with `aws configure sso` so you can retrieve the AWS secret and configuration.
 4. `yarn -D`
-5. `make check_account_dev` - If this fails make sure that AWS is configured.
 6. `make local`
 
 ## Build for AWS Lambda
@@ -16,7 +15,7 @@
 
 1. Get AWS credentials with `aws configure sso`
 2. Ensure AWS profile is set to the right account (QA or PROD).
-3. Run `make deploy_dev` or `make deploy_prod`.
+3. Run `make deploy_qa` or `make deploy_prod`.
 
 ## Generating JWT token
 

terraform/envs/prod/.terraform.lock.hcl

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.92"
+      version = "~> 6.7.0"
     }
   }
 
@@ -18,7 +18,8 @@ terraform {
 
 
 provider "aws" {
-  region = "us-east-1"
+  allowed_account_ids = ["298118738376"]
+  region              = "us-east-1"
   default_tags {
     tags = {
       project           = var.ProjectId
@@ -31,7 +32,11 @@ data "aws_caller_identity" "current" {}
 data "aws_region" "current" {}
 
 locals {
-  bucket_prefix = "${data.aws_caller_identity.current.account_id}-${data.aws_region.current.name}"
+  bucket_prefix = "${data.aws_caller_identity.current.account_id}-${data.aws_region.current.region}"
+  queue_arns = {
+    main = module.sqs_queues.main_queue_arn
+    sqs  = module.sqs_queues.sales_email_queue_arn
+  }
 }
 
 module "sqs_queues" {
@@ -95,7 +100,7 @@ module "frontend" {
 
 resource "aws_lambda_event_source_mapping" "queue_consumer" {
   depends_on              = [module.lambdas, module.sqs_queues]
-  for_each                = toset([module.sqs_queues.main_queue_arn, module.sqs_queues.sales_email_queue_arn])
+  for_each                = local.queue_arns
   batch_size              = 5
   event_source_arn        = each.key
   function_name           = module.lambdas.core_sqs_consumer_lambda_arn

terraform/envs/prod/main.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 5.92"
+      version = "~> 6.7.0"
     }
   }
 
@@ -18,7 +18,8 @@ terraform {
 
 
 provider "aws" {
-  region = "us-east-1"
+  allowed_account_ids = ["427040638965"]
+  region              = "us-east-1"
   default_tags {
     tags = {
       project           = var.ProjectId
@@ -38,7 +39,7 @@ module "sqs_queues" {
   core_sqs_consumer_lambda_name = module.lambdas.core_sqs_consumer_lambda_name
 }
 locals {
-  bucket_prefix = "${data.aws_caller_identity.current.account_id}-${data.aws_region.current.name}"
+  bucket_prefix = "${data.aws_caller_identity.current.account_id}-${data.aws_region.current.region}"
   queue_arns = {
     main = module.sqs_queues.main_queue_arn
     sqs  = module.sqs_queues.sales_email_queue_arn
@@ -129,7 +130,7 @@ resource "aws_lambda_event_source_mapping" "queue_consumer" {
   depends_on              = [module.lambdas, module.sqs_queues]
   for_each                = local.queue_arns
   batch_size              = 5
-  event_source_arn        = each.key
+  event_source_arn        = each.value
   function_name           = module.lambdas.core_sqs_consumer_lambda_arn
   function_response_types = ["ReportBatchItemFailures"]
 }